Microsoft Security Updates July 2017 release

Microsoft released security updates for all supported versions of Microsoft Windows and other company products on July 11, 2017.

The following guide provides you with in-depth information on the July 2017 Microsoft Patch Day. It starts with an executive summary that covers important to-know bits about the updates.

What follows is the distribution of updates for individual operating systems, server and client, and other Microsoft products.

It lists security updates, security advisories, and non-security updates afterwards, each with a short description and link to the Microsoft Knowledgebase article.

Last but not least, you get direct links to download the cumulative security and non-security, and only-security updates for all supported operating systems, and download information.

Microsoft Security Updates July 2017

You can download this Excel spreadsheet for a list of all security updates that Microsoft released on the July 2017 Patch Day. Just click on the following link to download the document to your computer: Microsoft Security Updates july 2017

Tip: Make sure you create a backup of your system before you install the patches.

Executive Summary

Microsoft released security updates for all client and server versions of Windows that the company supports.

All operating systems are affected by critical vulnerabilities.

Security updates have been released for other Microsoft products as well including Microsoft Office, Microsoft Edge, and Internet Explorer.

Security Updates

Addressed issue introduced by KB4022716 where Internet Explorer 11 may close unexpectedly when you visit some websites.

Addressed issue to improve MediaCreationTool.exe support for Setup Tourniquet scenarios.

Addressed issue with CoreMessaging.dll that may cause 32-bit apps to crash on the 64-bit version of the Windows OS.

Addressed an issue where Visual Studio or a WPF application may terminate unexpectedly (stops responding, followed by a crash) when running on a pen and/or touch enabled machine with Windows 10 Creators Update.

Addressed issue that causes the system to crash when certain USB devices are unplugged while the system is asleep.

Addressed issues with screen orientation that stops working after lid close and lid open transitions.

Addressed issue where certain elements (input or select) cannot be active targets of any action in Internet Explorer 11. This occurs after removing an iframe that contained a cursor inside certain elements (input or select) and adding a new iframe.

Known Issues

Important note for CVE-2017-8563: After installing the updates for CVE-2017-8563, to make LDAP authentication over SSL/TLS more secure, administrators need to create a LdapEnforceChannelBinding registry setting on a Domain Controller.

Security advisories and updates

The update addresses a vulnerability that could allow elevation of privilege if Azure AD Connect Password writeback is misconfigured during enablement. An attacker who successfully exploited this vulnerability could reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts.

The issue is addressed in the latest version (1.1.553.0) of Azure AD Connect by not allowing arbitrary password reset to on-premises AD privileged user accounts.

How to download and install the July 2017 security updates

Windows PCs are configured by default to search for, download and install updates automatically. This is not a real-time action, and if time is of the essence, you may run a manual check for updates at any time.

Tap on the Windows-key, type Windows Update, and hit the Enter-key.

Depending on how Windows Update is configured, you either need to click on the "check for updates" button, or that happens automatically.

Again, depending on the configuration, Windows may download and install these updates automatically when found, or on user request.